package com.chen.security.controller;



import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/resource")
public class ResourceController {

    @GetMapping("/getStudent")
    @PreAuthorize("hasAnyAuthority('p1','p2','p3')")
    public Object getResource( HttpServletRequest request) {
        // return new Student(1569, "李华",20);
        String header = request.getHeader("Authorization");
        String token = header.substring(header.indexOf("bearer") + 7);
        DecodedJWT verify = JWT.require(Algorithm.HMAC256("123456")).build().verify(token);
        String user_name = verify.getClaim("user_name").asString();
        
        return user_name;
    }

}